2.5 Years in Jail for Planting 'Logic Bomb'

cweditor writes "A former Medco Health systems administrator was sentenced to 30 months in federal prison and ordered to pay $81,200 in restitution for planting a logic bomb on a network that held customer health care information. The code was designed to delete almost all information on about 70 company servers. This may be longest federal prison sentence for trying to damage a corporate computer system, although Yung-Hsun Lin faced a maximum of 10 years." How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?

meatspace

[qwertphobia]

How long before the disgruntled sysadmin replaces the disgruntled postal worker in the zeitgeist?

Only when disgruntled sysadmins start damaging meatspace. Really, it's possible, but only then will people start waking up.

Re:Disgruntled sysadmins?

[hal9000(jr)]

Just as in government, there needs to be checks and balances. Giving a single admin too much power is a very bad idea.

Your plan sounds good in theory, but unfortunately, it rarely works in practice. Distinct separation of duties and powers requires a great deal of discipline on the organization. It took an act of congress to force get public companies, and in particular, the executive board, to take responsibility over accounting practices.

Besides, little ot todays software lets you seperate duties in a meaningful way or to require double authorization for critical actions.

2 1/2 years is a light sentence compared to the damage this guy could do. Thankfully, most sysadmins are honest ethical people.

wow, that's harsh

[jollyreaper]

I would like to give this admin credit for not just walking into the place with a high-powered assault rifle and shooting at random.

I've heard some tales of the disgruntled from back in the day. The most common "I quit" sabotage was taking the reel-to-reel's from the library and dumping them in a sink with water. But the worst worst worst one I heard of, one that could even be an urban legend because of how evil it is, it was the revenge of an angry admin who wanted the company to pay dearly for the evils visited upon him. He sets up this program that doesn't run until several months after he leaves the company. Note, this is back in the days of tapes and computer operators who worked the night shift and moved the tapes from one drive to another, 1970-somethings. Anyway, what his program did was step through EVERY tape in the library. He shuffled it in a random order so nobody would become suspicious. The operator just follows the prompting on his terminal, never the wiser. By the time the sequence is complete, every tape has been erased. As the story goes, the company had no offsite backups and was ruined.

Revenge fantasies are fun but seriously, a job is a job. If you go out in a blaze of glory at one, it will make finding the next one a lot more difficult, especially with a felony on your record. But I guess if he was thinking clearly we wouldn't be reading about this in the first place.

life-threatening?

[sholden]

"""
Liebermann noted that if the bomb had taken down Medco's network, people using a Medco prescription card would not have been able to fill any new prescriptions. "That could be very serious, maybe even life-threatening, depending on the need for that medication," Liebermann said.
"""

So what happens when they have a network failure for some other reason? Bad hardware, power outage, building fire, comet impact...

Re:meatspace

[SharpFang]

Actually, it may get much more spectacular than wrong medications served to patients.

Flight control hacking
Railway tracks control
Time bombs in firmware of cars (in all cars of given model, after given date, once the speed is over 60mph, disable brakes and force power steering all the way to the left)
huge chemical industry factory manufacturing systems
municipal gas networks
oil pipelines control
Nuclear power plants
halon dump release system firmware
top secret strategical plans posted to usenet
military devices control systems

Nice work if you can get it

[MillionthMonkey]

I once worked for a guy who had to maintain some code that a consultant had written several months before. (Ironically this was at a place that handled medical records.) He stumbled across a logic bomb in the consultant's code that hadn't gone off yet. I forget the details but he said it was some sort of obfuscated routine that used a number of inputs, including the timestamp, to produce its outputs, and the timestamp was a legitimate input needed by the routine for real reasons. It was being manipulated with some goofy number in some way to cause an overflow on a certain date, which was still several months away.

So he figures, oh, it's a logic bomb, and not being terribly intrigued by it enough to study it, he just kicked up the number to push the deadline back by a century and left it at that.

Three or four days after the bomb was set to go off, they got a phone call from the guy asking if they had any work for him.

Re:Let's face it

[COMON$]

Some of the best sysadmins I know are ex-developers. The worst happen to be tinkerers who were in the right place at the right time who fit the aforementioned description. Its OK, cause as a sysadmin I make good money fixing networks that another sysadmin botched up.

But I agree with you, I was a CS graduate that decided to head for the Network Engineering/Sys Admin field because the work was more interesting to me. Not saying that dev work isn't interesting, it is just not my cup o tea.

Every once in a while I consider heading back to dev work when I get tired of everyone watching every thing I do and having an opinion on it. Devs seem to have the enigma feel in the departments I have worked in. No one really knows what they do on an hour by hour basis except for their peers, they get to test things before they are live and if they make a mistake it is just considered standard debugging. Whereas as a Sysadmin, if someone's e-mail gets routed to junk mail you get put on the most wanted list for months.

Re:meatspace

[Anonymous Coward]

So you'd think that companies would try to increase the happiness and reduce the stress level of these critical employees: hire more and pay them more. Give them more control over their workflow and more say in policy so that they don't feel alienated and uninvested.

But they don't. What they do instead is implement hasher security protocols intended to prevent the employees from going postal. In the process spending as much, if not more than they would have making them happy. And stressing them further.

Modern management practices are astoundingly fascist, and saying "it's the same everywhere" is no excuse. It should be cause for alarm.

My sympathy is with the guy who tried to crash them. If there is one single person in an organization that gets routinely shit on, crash the whole thing. Screw 'em.

Re:Dead man switch

[mccrew]

His original script had a bug in it(not tested)... these are the same reasons that he probably lost his job to the better people on the team when the cuts came.

What is interesting, perhaps even mind boggling, is that it appears that he hadn't lost his job. When his birthday rolled around in 2004 and the logic bomb didn't fire due to the bug, he was able to apply a fix and reset it for his birthday in 2005! You'd think that he wouldn't want to be around when it went off.